<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type" />
<title>News system v1</title>


<link rel="stylesheet" type="text/css" href="style.css">


</head>

<body>
<?php
session_start();
error_reporting(0);
?>


<div id="exCenter">
    <div id="exHeader">
        <center><h1><a href="index.php">News system v1</a></h1></center>
    </div>
    <div id="exContent">
        <div id="exLeftColumn">
            <p>
            
            <?PHP
            error_reporting(0);
			@ini_set(‘display_errors’, 0);
            
$con=mysqli_connect("localhost","root","","bd_news");
// Check connection
if (mysqli_connect_errno()) {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
}

$rec_limit = 5;

$plus = $_GET['plus'];
$minus = $_GET['minus'];


////////////////////////////////////
////////////////////////////////////
// CZĘŚĆ ODPOWIEDZIALNA ZA RATING //
////////////////////////////////////
////////////////////////////////////
if($plus !=''){
			$rat_upd=0;
						$result = mysqli_query($con,"SELECT rating FROM `news` WHERE id_news = $plus");
						while($row = mysqli_fetch_array($result)) {
								$rat_upd=$row['rating'];
						}
						$rat_upd=$rat_upd+1;
						
						$result = mysqli_query($con,"UPDATE `news` SET `RATING` = '$rat_upd' WHERE `news`.`ID_NEWS` = $plus");
						echo "<meta http-equiv='refresh' content='0;url=./index.php'>";	
	
	
	};
if($minus !=''){
			$rat_upd=0;
						$result = mysqli_query($con,"SELECT rating FROM `news` WHERE id_news = $minus");
						while($row = mysqli_fetch_array($result)) {
								$rat_upd=$row['rating'];
						}
						$rat_upd=$rat_upd-1;
						
						$result = mysqli_query($con,"UPDATE `news` SET `RATING` = '$rat_upd' WHERE `news`.`ID_NEWS` = $minus");
						echo "<meta http-equiv='refresh' content='0;url=./index.php'>";	
	
	
	};
	
	
	
	
	

	


////////////////////////////////////////////
////////////////////////////////////////////
// CZĘŚĆ ODPOWIEDZIALNA ZA 'WYSZUKIWANIE' //
////////////////////////////////////////////
////////////////////////////////////////////
if ($_GET['id'] == 1){
// 1 - tag search
				$searchfor = $_POST['search_tag'];
				$searchfor2 = $_GET['tag_popular'];
				if($searchfor2 !=''){
						$result = mysqli_query($con,"SELECT id_news, title, description, maintext, date, rating, id_user FROM news where ID_NEWS = any (select ID_NEWS from news_tags where ID_TAGS = any (select ID_TAG from tags where TAG = '$searchfor2'))");
					}else{					
						$result = mysqli_query($con,"SELECT id_news, title, description, maintext, date, rating, id_user FROM news where ID_NEWS = any (select ID_NEWS from news_tags where ID_TAGS = any (select ID_TAG from tags where TAG = '$searchfor'))");
					};
				//SELECT * FROM news where ID_NEWS = any (select ID_NEWS from news_tags where ID_TAGS = any (select ID_TAG from tags where TAG = 'szkola'))
	}else if ($_GET['id'] == 2){
	// 2 - maintext search
				$searchfor = $_POST["search_maintext"];
				$result = mysqli_query($con,"SELECT id_news, title, description, maintext, date, rating, id_user FROM `news` WHERE `MAINTEXT` LIKE \"% $searchfor %\"");

		}else if ($_GET['id'] == 3){
		// 3 - rating search
				$searchfor = $_POST["search_rating"];
				//1 powyzej 0
				//2	ponizej 0
				//3	powyzej 100
				//4 ponizej 100
				$result = mysqli_query($con,"select id_news, title, description, maintext, date, rating, id_user from news where $searchfor");



			}else if ($_GET['id'] == 4){
			// 4 - date search
				$searchfor = $_POST["date_from"];
				$searchfor2 = $_POST["date_to"];					
				
				$result = mysqli_query($con,"select id_news, title, description, maintext, date, rating, id_user from news where date between \"".$searchfor."\" and \"".$searchfor2."\"");
		
			}else{
			//  - no filter
				$result = mysqli_query($con,"SELECT id_news, title, description, maintext, date, rating, id_user  FROM `news` ORDER BY id_news DESC ");
					$rec_count=mysqli_num_rows($result);
					if( isset($_GET{'page'} ) )
					{
					   $page = $_GET{'page'} + 1;
					   $offset = $rec_limit * $page ;
					}
					else
					{
					   $page = 0;
					   $offset = 0;
					}
					$left_rec = $rec_count - ($page * $rec_limit);
								
				$result = mysqli_query($con,"SELECT id_news, title, description, maintext, date, rating, id_user  FROM `news` ORDER BY id_news DESC LIMIT $offset, $rec_limit");
				
			};




		// ZABEZPIECZENIE PRZED BŁĘDNYM GET'EM LUB BRAKU WYNIKÓW WYSZUKIWANIA
			if( mysqli_num_rows($result) == 0 ){
				echo '<Center><FONT COLOR="white">No search result or some other error ;)<br>';
				echo 'Go back to <a href="index.php">MAIN PAGE</a></Center>';
				}




				
				//PAGING


				
				
///////////////////////////////////////
///////////////////////////////////////
// WYŚWIETLANIE LEWEJ STRONY - NEWSY //
///////////////////////////////////////
///////////////////////////////////////
while($row = mysqli_fetch_array($result)) {
	echo '<div>';
	
	
	
	echo '<table>';

	echo '<tr>';
	echo '	<th width="750" colspan="3">';
	echo 		$row['title']." <em>(ID: ".$row['id_news'].")</em>";
	
	//edit dla admina!!
	session_start();
	if( $_SESSION['zalogowany_admin']=="tak" )
		{
		
		echo '<a href="update_news_form.php?id_update='.$row['id_news'].'">EDIT</a>';	
		
		}
	
	
	
	echo '	</th>';
	echo '</tr>';


	echo '<tr>';
	echo '	<td width="750" colspan="3">';
	echo 		$row['description'];
	echo			' - <a href="news_maintext.php?id='.$row['id_news'].'">czytaj dalej</a>.';
	
		$resulttag = mysqli_query($con,"SELECT TAG FROM tags where ID_TAG = any (select ID_TAGS from news_tags where ID_NEWS = any (select ID_NEWS from news where id_NEWS = ".$row['id_news']."))");
		echo '<br>';
		while($rowtag = mysqli_fetch_array($resulttag)) {
			echo "&#35".$rowtag['TAG'].", ";
		}

	// HASHTAGS
	//SELECT TAG FROM tags where ID_TAG = any (select ID_TAGS from news_tags where ID_NEWS = any (select ID_NEWS from news where id_NEWS = $row['id_news']))
	
	
	
	echo '	</td>';
	echo '</tr>';
	
	echo '<tr>';
	echo '	<td width="250">';
	echo 		'Dodano '.$row['date'];	
	echo '	</td>';
		
	echo '	<td><center>';
	
		if( $_SESSION['zalogowany_admin']=="tak" || $_SESSION['zalogowany_user']=="tak")
		{
		
			echo 		'<a href="?plus='.$row['id_news'].'"><img alt="plus" height="15" src="img/plus.png" width="15" /></a> ';
			echo 		'&nbsp &nbsp'.$row['rating'];
					if($row['rating']==NULL) echo '0'; // bo nulla nie pokazywało ;)
			echo 		'&nbsp &nbsp<a href="?minus='.$row['id_news'].'"><img alt="minus" height="15" src="img/minus.png" width="15" />';
		}else{
			echo 		'&nbsp &nbsp'.$row['rating'];
			if($row['rating']==NULL) echo '0'; // bo nulla nie pokazywało ;)
			}
	
	echo '	</center></td>';
		
		

	$resultuser = mysqli_query($con,"SELECT nick FROM users WHERE id_user=".$row['id_user']);
	$rowus = mysqli_fetch_array($resultuser);
	
	echo '	<td width="250">';
	echo 		'Przez <strong>'.$rowus['nick'].'</strong>';
	echo '	</td>';
	
	
	echo '</tr>';
	
	echo '</table>';

	
	
	
	echo '</div><br><br>';
}




echo '<center>';
if( $page > 0 )
{
   $last = $page - 2;
   echo "<a href=\"$_PHP_SELF?page=$last\"><-PREV-</a> &nbsp&nbsp&nbsp <FONT COLOR=\"white\">||</font>";
   if($rec_count-($page+1)*$rec_limit>=1){
	echo "&nbsp&nbsp&nbsp<a href=\"$_PHP_SELF?page=$page\">-NEXT-></a>";
   }
}
else if( $page == 0 )
{
   echo "<a href=\"$_PHP_SELF?page=$page\">-NEXT-></a>";
   
}	
echo '</center>';

mysqli_close($con);	
?>

            
            
            </p>
            
			
		
            
            
            
        </div>
        <div id="exRightColumn">
				
				<center>
				<?php
				
					if( $_SESSION['zalogowany_admin']=="tak" || $_SESSION['zalogowany_user']=="tak" )
						{
						echo "Logged: <b>".$_SESSION['logged']."</b>";							
						echo '<Br><a href="logout.php">Wyloguj</a>';
						}else{
						echo '<a href="log.php">Log in</a>';
						}
				
				
				
				
				?>
				</center>
		
		
		
			
				<p><b>Popularne #hashtagi</b><br>
				<?php
							
				@ini_set(‘display_errors’, 0);
							
				$con=mysqli_connect("localhost","root","","bd_news");
				// Check connection
				if (mysqli_connect_errno()) {
				  echo "Failed to connect to MySQL: " . mysqli_connect_error();
				}

				//działające
				//$resulthash = mysqli_query($con,"SELECT TAG FROM tags where ID_TAG = any (SELECT `ID_TAGS` FROM news_tags GROUP BY id_tags ORDER BY count(*))");
				$resulthashid = mysqli_query($con,"SELECT id_tags FROM news_tags GROUP BY id_tags ORDER BY count(id_tags) DESC LIMIT 3"); // otrzymuje ID tagów, od najbardziej wykorzystywanego do najmniej
				$i=0;
				
					while($rowhashid = mysqli_fetch_array($resulthashid)) { // kolejne ID hashy
						$resultsecondhash = mysqli_query($con,"SELECT TAG FROM `tags` WHERE id_tag = ".$rowhashid['id_tags']);
						
						while($rowhashname = mysqli_fetch_array($resultsecondhash)) { // ID zmienione na nazwe tagu
					
					
							echo '#<a href="index.php?id=1&tag_popular='.$rowhashname['TAG'].'">'.$rowhashname['TAG'].' </a>,';	
								if($i%2){
									echo "<br>";
								}
								$i=$i+1;
								if($i==3){
									break;
								}
						
						
						}	
					}
				
            ?>
			
            
            	
            	</p>
            
            <hr>
            
            <p><b>Wyszukaj tag</b><br>
            <form name="search_tag_form" action="index.php?id=1" method="post">
            	<input name="search_tag" type="text" /><br>
				<input name="search_tag_button" type="submit" value="Szukaj" />
			</form>
					</p>
            <hr>
            
            <p><b>Szukaj w treści</b><br>
            <form name="search_maintext_form" action="index.php?id=2" method="post">
            	<input name="search_maintext" type="text" /><br>
				<input name="search_maintext_button" type="submit" value="Szukaj" />
			</form>
				
					</p>
            <hr>
            
            <p><b>Pokaż tylko z ocenami</b><br>    
            <form name="search_rating_form" action="index.php?id=3" method="post">                    	
	            <select name="search_rating">
					<option label="Powyżej 0">rating &gt 0</option>
					<option label="Poniżej 0">rating &lt 0</option>
					<option label="Powyżej 100">rating &gt 100</option>
					<option label="Poniżej 100">rating &lt 100</option>				
				</select><br>
				<input name="search_rating_button" type="submit" value="Szukaj" />
			</form>

            					</p>
            <hr>
            <p><b>Zakres daty</b><br>   
            <form name="search_date_form" action="index.php?id=4" method="post">              
            	od <input name="date_from" type="date" value="<?php echo date('Y-m-d'); ?>"/><br>
            	do <input name="date_to" type="date" value="<?php echo date('Y-m-d'); ?>"/>
				<input name="search_date_button" type="submit" value="Szukaj" />
			</form>
            					</p>
            
            
            
            
            
            
        </div>
        <div class="exClear"></div>
    </div>
    <div id="exFooter">	    
	    <center>
	        <p><a href="newsmyadm.php">admin © 2014 Basinsky</a></p>
	    </center>    
    </div>
</div>




</body>

</html>
